CVE-2021-37973
Google Chromium Portals Use-After-Free Vulnerability
CVSS
—
No CVSS
EPSS
11.7%
p96
KEV
YES
Nov 3, 2021
Exploit Today
79
0-100
Published: — · Last modified: —
Product
Google / Chromium Portals
Vulnerability
Google Chromium Portals Use-After-Free Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
Nov 17, 2021
Known ransomware use
No
Summary description
Google Chromium Portals contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects web browsers that utilize Chromium, including Google Chrome and Microsoft Edge.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-37973
No related CVEs by CWE or product.